Network IPS/IDS

The Respond Analyst automates monitoring and network intrusion analysis for all alerts generated from your network IPS/IDS solutions.

fortinet
mcafee
palo-alto-networks
snort
cisco-firepower
suricata
tippingpoint
check-point
gigamon-insight-iceberg

Endpoint Protection Platforms

Integration with your EPP helps the Respond Analyst differentiate between high-impact malware infections requiring incident response and individual infected systems requiring remediation.

sentinelone
symantec
mcafee
windows-defender
palo-alto-networks
trend-micro-apex-1
trend-micro-officescan-xg
crowd-strike
forti-client

Web Filters

Respond Analyst security software integration brings web filter data to frontline analysis.

palo-alto-networks
symantec-blue-coat
mcafee
cisco-firepower
force-point
check-point
zscaler
cisco-umbrella

Industrial Control Systems

Fully automate analysis of alerts generated within operational technology (OT) networks. The Respond Analyst triages alerts within critical infrastructure segments, from energy to manufacturing lines.

security-matters

SIEM / Event Repositories

The Respond Analyst ingests directly from your SIEM. Analyzing and triaging logs saves hours in SIEM content engineering. After triage, escalated decisions are fed back to your SIEM to maintain your existing workflow.

alienvault
arcsight
qradar
splunk
elastic
stack
hadoop
palo-alto-networks
splunk-cloud

Company Context

Integrate the Respond Analyst with your contextual sources to improve decision-making when monitoring and analyzing security alerts. Your company's unique context helps the Respond Analyst determine the function, importance, and risk of your internal systems.

qualys
rapid7
tenable
microsoft-active-directory
dhcp

Threat Intelligence

The Respond Analyst includes the latest research in its decision-making, performing lookups out of the box based on built-in integrations or through your existing threat intelligence investments via STIX & TAXII integration.

maxmind
stix-taxii
tor
whoisxml
financial-services
alienvault-open-threat-exchange
virus-total
dshield

Operations Management

Use your existing incident notification and case management systems to keep an eye on incidents escalated by the Respond Analyst.

demisto
pagerduty
resilient
servicenow
splunk-phantom
microsoft-exchange
google-mail
